Trinetra
Trinetra
Cyber Defense
Home / Threat Intel / Group · Everest
Ransomware · Threat Group Dossier Active · currently disclosing victims

Everest

Everest is a ransomware operation with 350 publicly named victims. Double-extortion: data theft, encryption, leak-site shaming.

350
Named victims
48
In 2026
33
Countries hit
20 Apr 2026
Last disclosure

fingerprintDossier

Active since
Tracked on public leak sites
Origin / attribution
Unattributed
Known aliases
None publicly tracked.
Common initial access
Valid credentials, exposed remote services, phishing.
TTPs & tradecraft
Double-extortion: data theft, encryption, leak-site shaming.

publicTop countries hit

United States93
Italy10
UAE8
United Kingdom8
Spain8
Japan7
Germany7
Canada5

factoryTop sectors targeted

Not Found49
Technology36
Healthcare36
Business Services19
Manufacturing17
Financial Services15
Transportation/Logistics10
Energy9

historyRecent named victims

Nutrabio
US · Agriculture and Food Production · 20 Apr 2026
Umiles Group
Business Services · 20 Apr 2026
Complete Aircraft Group
US · Manufacturing · 20 Apr 2026
Tokoparts
ID · Consumer Services · 20 Apr 2026
Citizens Bank
US · Financial Services · 20 Apr 2026
Frost Bank
US · Financial Services · 20 Apr 2026
K Subsea Group
SG · Energy · 13 Apr 2026
Nissan
JP · Manufacturing · 01 Apr 2026
Parque Eólico Toabré
PA · Energy · 31 Mar 2026
PT Brantas Abipraya
ID · Construction · 31 Mar 2026
Straight Line Logistics
AE · Transportation/Logistics · 30 Mar 2026
Evaluate a Norstella company
NO · Not Found · 15 Mar 2026
First Priority Group
US · Not Found · 10 Mar 2026
Hyundai Elevator
KR · Manufacturing · 06 Mar 2026
UD Trucks
JP · Manufacturing · 28 Feb 2026

Sourced from open leak-site monitoring · Generated 20 Apr 2026